Bulz.250131 removal instructions

Bulz.250131 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. The trial period allows you to run a complete scan and clean your PC.
A 6-day free trial is available.

What can the Bulz.250131 virus do?

  • Sample contains Overlay data
  • Presents an Authenticode digital signature
  • Unconventional language used in binary resources: Korean
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is likely packed with VMProtect
  • Authenticode signature is invalid
  • Binary file triggered YARA rule
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Bulz.250131?

File Info:

name: 878E74E8B068AFB952F2.mlw
path: /opt/CAPEv2/storage/binaries/d5528e605829c7c5607662b2f43fd0e5f640898f0ce4db33533e05e121af32e2
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2020-11-12 21:56:55

Version Info:

FileDescription: Sailor Online Launcher
FileVersion: 1.0.0.3
InternalName:
LegalCopyright: Copyright (C) 2019
OriginalFilename:
ProductName: Sailor Online Launcher
ProductVersion: 0.0.0.3
Translation: 0x0412 0x04b0

Bulz.250131 also known as:

Lionic: Trojan.Win32.Generic.4!c
MicroWorld-eScan: Gen:Variant.Bulz.250131
FireEye: Gen:Variant.Bulz.250131
Skyhigh: Artemis
McAfee: Artemis!878E74E8B068
Malwarebytes: Generic.Malware/Suspicious
Sangfor: Trojan.Win32.Agent.Vdsn
Cybereason: malicious.8b068a
BitDefenderTheta: Gen:NN.ZexaF.36802.@B1@ayq0SwkG
TrendMicro-HouseCall: TROJ_GEN.R002H09I823
BitDefender: Gen:Variant.Bulz.250131
Emsisoft: Gen:Variant.Bulz.250131 (B)
VIPRE: Gen:Variant.Bulz.250131
MAX: malware (ai score=88)
Antiy-AVL: Trojan/Win32.SGeneric
Arcabit: Trojan.Bulz.D3D113
GData: Gen:Variant.Bulz.250131
Cylance: unsafe
MaxSecure: Trojan.Malware.207169931.susgen
Fortinet: W32/PossibleThreat
DeepInstinct: MALICIOUS
CrowdStrike: win/grayware_confidence_60% (D)

How to remove Bulz.250131?

Bulz.250131 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Select “Move to quarantine” for all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.